package com.study_security.controller;


import com.study_security.domain.LoginUser;
import com.study_security.dto.ProjectDTO;
import com.study_security.entity.Project;
import com.study_security.service.ProjectService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RestController
@RequestMapping("/api/general")
public class GeneralController {
    @Autowired
    private ProjectService projectService;

    /**
     * 根据用户ID获取该用户拥有的所有项目
     *
     * @param authentication 认证信息
     * @return 用户拥有的所有项目
     */
    @PreAuthorize("hasAnyAuthority('perm_review','perm_leader')")
    @GetMapping("/projects")
    public List<ProjectDTO> getUserProjects(Authentication authentication) {
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        Long userId = loginUser.getUser().getId();
        return projectService.getUserProjects(userId);
    }

    /**
     * 根据项目ID显示项目概况
     *
     * @param projectId 项目ID
     * @return 项目概况
     */
    @PreAuthorize("hasAnyAuthority('perm_review','perm_leader')")
    @GetMapping("/project/{projectId}")
    public Project getProjectOverview(@PathVariable Long projectId) {
        return projectService.getProjectById(projectId);
    }
}
